CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.
[
{
"repo": "https://gitee.com/src-openeuler/kernel",
"vendor": "openEuler",
"modules": [
"filesystem"
],
"product": "kernel",
"versions": [
{
"status": "affected",
"changes": [
{
"at": "cf1d16ea2f1086c0765348344b70aa2361436642 ext4: fix kernel BUG in 'ext4_write_inline_data_end()'",
"status": "unaffected"
}
],
"version": "4.19.90",
"lessThan": "4.19.90-2401.3",
"versionType": "git"
},
{
"status": "affected",
"changes": [
{
"at": "1587126a0f2a79b3ee6cb309bbfaf079c39eda29 ext4: fix kernel BUG in 'ext4_write_inline_data_end()'",
"status": "unaffected"
}
],
"version": "5.10.0-60.18.0",
"lessThan": "5.10.0-183.0.0",
"versionType": "git"
}
],
"platforms": [
"Linux"
],
"packageName": "kernel",
"programFiles": [
"https://gitee.com/openeuler/kernel/blob/openEuler-22.03-LTS/fs/ext4/inline.c"
],
"collectionURL": "https://gitee.com/src-openeuler",
"defaultStatus": "unaffected"
}
]
www.openwall.com/lists/oss-security/2024/01/30/10
www.openwall.com/lists/oss-security/2024/01/30/3
www.openwall.com/lists/oss-security/2024/01/30/4
www.openwall.com/lists/oss-security/2024/01/30/5
www.openwall.com/lists/oss-security/2024/01/30/9
www.openwall.com/lists/oss-security/2024/01/31/2
www.openwall.com/lists/oss-security/2024/01/31/3
www.openwall.com/lists/oss-security/2024/02/02/6
www.openwall.com/lists/oss-security/2024/02/02/9
www.openwall.com/lists/oss-security/2024/02/03/1
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c099c4fdc438014d5893629e70a8ba934433ee8
gitee.com/src-openeuler/kernel/pulls/1389
gitee.com/src-openeuler/kernel/pulls/1396
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1032
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1033
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1034
www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1035
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial